enable update process for VM hostname
This commit is contained in:
parent
4bd6b48877
commit
b12c8ebb4b
GPG Key ID:
451028EE56A0FBB4
2
Cargo.lock
generated
2
Cargo.lock
generated
@ -1110,7 +1110,7 @@ dependencies = [
|
||||
[[package]]
|
||||
name = "detee-shared"
|
||||
version = "0.1.0"
|
||||
source = "git+ssh://git@gitea.detee.cloud/testnet/proto.git?branch=main#a874749fd5d7d8a5c964835f11bc8f97007f9f9e"
|
||||
source = "git+ssh://git@gitea.detee.cloud/testnet/proto.git?branch=main#70e83dd0e982eeb491212c4a9d265df0b148fe24"
|
||||
dependencies = [
|
||||
"base64",
|
||||
"prost",
|
||||
|
||||
@ -24,6 +24,10 @@ if [[ -z "${MEASUREMENT}" ]]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "${VM_HOSTNAME}" ]]; then
|
||||
VM_HOSTNAME="detee-vm"
|
||||
fi
|
||||
|
||||
server="$SERVER_ADDR"
|
||||
ssh_pubkey_dir="${HOME}/.detee/cli/vms/ssh"
|
||||
cert_dir="${HOME}/.detee/cli/vms/certs"
|
||||
@ -155,6 +159,7 @@ if [[ -n "$DETEE_INSTALL_URL" ]] && [[ -n "$DETEE_INSTALL_URL" ]]; then
|
||||
--data-urlencode "url=${DETEE_INSTALL_URL}" \
|
||||
-d "sha=${DETEE_INSTALL_SHA}" \
|
||||
-d "keyfile=$(cat "$keyfile" | basenc --base64url -w 0)" \
|
||||
-d "hostname=${VM_HOSTNAME}" \
|
||||
"https://dtrfs-api:${port}/install" || exit 1
|
||||
else
|
||||
echo
|
||||
|
||||
@ -436,6 +436,12 @@ fn clap_cmd() -> Command {
|
||||
.help("supply the uuid of the VM you wish to upgrade")
|
||||
.required(true)
|
||||
)
|
||||
.arg(
|
||||
Arg::new("hostname")
|
||||
.long("hostname")
|
||||
.default_value("")
|
||||
.help("change the hostname within the smart contract")
|
||||
)
|
||||
.arg(
|
||||
Arg::new("vcpus")
|
||||
.long("vcpus")
|
||||
|
||||
@ -88,12 +88,14 @@ fn handle_vm_list(update_vm_args: &ArgMatches) -> Result<Vec<snp::VmContract>, B
|
||||
|
||||
fn handle_vm_update(update_vm_args: &ArgMatches) -> Result<SimpleOutput, Box<dyn Error>> {
|
||||
let uuid = update_vm_args.get_one::<String>("uuid").unwrap().clone();
|
||||
let hostname = update_vm_args.get_one::<String>("hostname").unwrap().clone();
|
||||
let memory = *update_vm_args.get_one::<u32>("memory").unwrap();
|
||||
if memory > 0 && memory < 800 {
|
||||
log::error!("At least 800MB of memory must be assgined to the VM");
|
||||
return Ok(SimpleOutput::from(""));
|
||||
}
|
||||
snp::update::Request::process_request(
|
||||
hostname,
|
||||
&uuid,
|
||||
*update_vm_args.get_one::<u32>("vcpus").unwrap(),
|
||||
memory,
|
||||
|
||||
@ -81,7 +81,6 @@ impl Request {
|
||||
let args = new_vm_resp.args.ok_or(Error::NoMeasurement)?;
|
||||
let measurement_args = injector::Args {
|
||||
uuid: new_vm_resp.uuid.clone(),
|
||||
hostname: self.hostname.clone(),
|
||||
vcpus: self.vcpus,
|
||||
kernel: kernel_sha,
|
||||
initrd: dtrfs_sha,
|
||||
|
||||
@ -5,7 +5,6 @@ use std::net::IpAddr;
|
||||
#[derive(Debug)]
|
||||
pub struct Args {
|
||||
pub uuid: String,
|
||||
pub hostname: String,
|
||||
pub vcpus: u32,
|
||||
pub kernel: String,
|
||||
pub initrd: String,
|
||||
@ -98,7 +97,7 @@ impl Args {
|
||||
ip_string = "detee_net_eth0=10.0.2.15_24_10.0.2.2 ".to_string() + &ip_string;
|
||||
}
|
||||
let admin_key = format!("detee_admin={} ", Config::get_detee_wallet()?);
|
||||
let hostname = format!("detee_name={}", self.hostname);
|
||||
let hostname = format!("detee_uuid={}", self.uuid);
|
||||
let params = format!("{}{}{}", ip_string, admin_key, hostname);
|
||||
debug!("Calculated kernel params for {} to: {}", self.uuid, params);
|
||||
Ok(params)
|
||||
@ -109,7 +108,7 @@ pub fn execute(
|
||||
measurement: String,
|
||||
server_addr: String,
|
||||
os_template: Option<(&str, &str)>,
|
||||
log_file_name: &str,
|
||||
vm_hostname: &str,
|
||||
) -> Result<super::VmSshArgs, Error> {
|
||||
let parsed_addr = match server_addr.parse::<std::net::SocketAddrV4>() {
|
||||
Ok(addr) => addr,
|
||||
@ -125,7 +124,7 @@ pub fn execute(
|
||||
};
|
||||
eprintln!("Injecting disk encryption key into VM. This will take a minute. Do not interrupt.");
|
||||
let (os_template_url, os_template_sha) = os_template.unwrap_or(("", ""));
|
||||
let logs_path = Config::logs_dir()? + "/" + log_file_name;
|
||||
let logs_path = Config::logs_dir()? + "/" + vm_hostname;
|
||||
log::info!("Logs will be saved to {}", logs_path);
|
||||
let logs_file = std::fs::File::create(logs_path.clone())?;
|
||||
let mut child_process = std::process::Command::new("detee-cli_injector.sh")
|
||||
@ -134,6 +133,7 @@ pub fn execute(
|
||||
.env("DETEE_INSTALL_URL", os_template_url)
|
||||
.env("DETEE_INSTALL_SHA", os_template_sha)
|
||||
.env("MEASUREMENT", measurement)
|
||||
.env("VM_HOSTNAME", vm_hostname)
|
||||
.stdout(logs_file.try_clone()?)
|
||||
.stderr(logs_file)
|
||||
.spawn()?;
|
||||
|
||||
@ -396,12 +396,12 @@ pub fn calculate_nanolp(
|
||||
|
||||
lazy_static! {
|
||||
static ref DEFAULT_DTRFS: Dtrfs = Dtrfs {
|
||||
name: "dtrfs-6.13.6-arch1-1".to_string(),
|
||||
name: "dtrfs-6.13.7-arch1-1".to_string(),
|
||||
vendor: "ghe0".to_string(),
|
||||
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.6-arch1-1.cpio.gz".to_string(),
|
||||
dtrfs_sha: "de48048fb42fe4054611f14e51ce175ca90645734fe41349642f036b8bca8fcd".to_string(),
|
||||
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.6-arch1-1".to_string(),
|
||||
kernel_sha: "7efaca6c348cd4136afe3ece0beec346da713029347a0d4e71e12a0b91570de7".to_string()
|
||||
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.7-arch1-1.cpio.gz".to_string(),
|
||||
dtrfs_sha: "dc02e091da80c281fe735a1be86b3fe766f1741d82c32f5dc64344b345827c6d".to_string(),
|
||||
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.7-arch1-1".to_string(),
|
||||
kernel_sha: "469a89668d2f5744b3f80417fcf0a4ce0140fcb78f1e8834ef8e3668eecc934c".to_string()
|
||||
};
|
||||
static ref DEFAULT_ARCHLINUX: Distro = Distro {
|
||||
name: "archlinux_2025-02-21".to_string(),
|
||||
@ -429,20 +429,20 @@ lazy_static! {
|
||||
name: "dtrfs-6.13.6-arch1-1".to_string(),
|
||||
vendor: "ghe0".to_string(),
|
||||
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.6-arch1-1.cpio.gz".to_string(),
|
||||
dtrfs_sha: "83675cf2a27db526ec0705daf2606674778759fb33cdb8b1dfc4ddd623608806"
|
||||
dtrfs_sha: "de48048fb42fe4054611f14e51ce175ca90645734fe41349642f036b8bca8fcd"
|
||||
.to_string(),
|
||||
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.6-arch1-1".to_string(),
|
||||
kernel_sha: "7efaca6c348cd4136afe3ece0beec346da713029347a0d4e71e12a0b91570de7"
|
||||
.to_string()
|
||||
},
|
||||
Dtrfs {
|
||||
name: "dtrfs-6.13.4-arch1-1".to_string(),
|
||||
name: "dtrfs-6.13.6-arch1-1".to_string(),
|
||||
vendor: "ghe0".to_string(),
|
||||
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.4-arch1-1.cpio.gz".to_string(),
|
||||
dtrfs_sha: "3f6b3e5740f249eedfb2f7248c521a551be8b2676f7fcb040f3f3bc840a5004b"
|
||||
dtrfs_url: "http://registry.detee.ltd/detee-archtop-6.13.6-arch1-1.cpio.gz".to_string(),
|
||||
dtrfs_sha: "83675cf2a27db526ec0705daf2606674778759fb33cdb8b1dfc4ddd623608806"
|
||||
.to_string(),
|
||||
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.4-arch1-1".to_string(),
|
||||
kernel_sha: "3ec4fc5aa5729f515967ec71be4a851622785c0080f7191b1b07717149840151"
|
||||
kernel_url: "http://registry.detee.ltd/vmlinuz-linux-6.13.6-arch1-1".to_string(),
|
||||
kernel_sha: "7efaca6c348cd4136afe3ece0beec346da713029347a0d4e71e12a0b91570de7"
|
||||
.to_string()
|
||||
},
|
||||
];
|
||||
|
||||
@ -8,6 +8,7 @@ use log::{debug, info};
|
||||
|
||||
#[derive(Clone, Debug, Default, PartialEq)]
|
||||
pub struct Request {
|
||||
hostname: String,
|
||||
vcpus: u32,
|
||||
memory_mb: u32,
|
||||
disk_size_gb: u32,
|
||||
@ -16,6 +17,7 @@ pub struct Request {
|
||||
|
||||
impl Request {
|
||||
pub fn process_request(
|
||||
hostname: String,
|
||||
uuid: &str,
|
||||
vcpus: u32,
|
||||
memory_mb: u32,
|
||||
@ -30,7 +32,7 @@ impl Request {
|
||||
Some(Dtrfs::load_from_file(path)?)
|
||||
}
|
||||
};
|
||||
let req = Self { vcpus, memory_mb, disk_size_gb, dtrfs };
|
||||
let req = Self { hostname, vcpus, memory_mb, disk_size_gb, dtrfs };
|
||||
if req == Self::default() {
|
||||
log::info!("Skipping hardware upgrade (no arguments specified).");
|
||||
return Ok(());
|
||||
@ -47,26 +49,32 @@ impl Request {
|
||||
return Err(Error::Node(update_vm_resp.error));
|
||||
}
|
||||
|
||||
eprintln!("The node accepted the hardware modifications for the VM.");
|
||||
let current_contract = block_on(grpc::get_contract_by_uuid(uuid))?;
|
||||
debug!("Got the current contract for the VM after update. {current_contract:#?}");
|
||||
eprintln!("The modifications got approved. Proceeding with update...");
|
||||
let updated_contract = block_on(grpc::get_contract_by_uuid(uuid))?;
|
||||
debug!("Got the current contract for the VM after update. {updated_contract:#?}");
|
||||
|
||||
if !(self.vcpus != 0 || self.dtrfs.is_some()) {
|
||||
eprintln!("vCPUs and kernel did not get modified. Secret injection is not required.");
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let args = update_vm_resp.args.ok_or(Error::NoMeasurement)?;
|
||||
let measurement_args = injector::Args {
|
||||
uuid: update_vm_resp.uuid,
|
||||
hostname: current_contract.hostname.clone(),
|
||||
vcpus: current_contract.vcpus,
|
||||
kernel: current_contract.kernel_sha,
|
||||
initrd: current_contract.dtrfs_sha,
|
||||
vcpus: updated_contract.vcpus,
|
||||
kernel: updated_contract.kernel_sha,
|
||||
initrd: updated_contract.dtrfs_sha,
|
||||
args: args.clone(),
|
||||
};
|
||||
let measurement = measurement_args.get_measurement()?;
|
||||
|
||||
if self.vcpus != 0 || self.dtrfs.is_some() {
|
||||
injector::execute(measurement, args.dtrfs_api_endpoint, None, uuid)?;
|
||||
} else {
|
||||
println!("vCPUs and kernel did not get modified. Secret injection is not required.");
|
||||
}
|
||||
injector::execute(
|
||||
measurement,
|
||||
args.dtrfs_api_endpoint,
|
||||
None,
|
||||
&updated_contract.hostname,
|
||||
)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
@ -78,6 +86,7 @@ impl Request {
|
||||
};
|
||||
Ok(block_on(grpc::update_vm(proto::UpdateVmReq {
|
||||
uuid: uuid.to_string(),
|
||||
hostname: self.hostname.clone(),
|
||||
admin_pubkey: Config::get_detee_wallet()?,
|
||||
disk_size_gb: self.disk_size_gb,
|
||||
vcpus: self.vcpus,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user